23 matches found
EUVD-2026-21228
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
CVE-2026-5295
The CVE describes a stack buffer overflow in wolfSSL’s PKCS7 code (wc_PKCS7_DecryptOri() in wolfcrypt/src/pkcs7.c) when handling CMS EnvelopedData with an OtherRecipientInfo (ORI) recipient. A parsed OID longer than 32 bytes is copied into a fixed 32-byte stack buffer (oriOID[MAX_OID_SZ]) without...
CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
Malicious code in @zalastax/nolb-_ori (npm)
The package @zalastax/nolb-ori was found to contain malicious code...
MAL-2025-10293 Malicious code in @zalastax/nolb-_ori (npm)
The package @zalastax/nolb-ori was found to contain malicious code...
MAL-2024-9744 Malicious code in ori-gabriel-poc (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in ori-gabriel-poc (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in ori-gabriel (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9743 Malicious code in ori-gabriel (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-10226 Malicious code in ori-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b71bf5ca700406e224508f08266da2a443693d48eb216c3854de6be0d1451346 The OpenSSF Package Analysis project identified 'ori-poc' @ 1.0.3 npm as malicious. It is considered malicious because: - The package executes o...
Malicious code in ori-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b71bf5ca700406e224508f08266da2a443693d48eb216c3854de6be0d1451346 The OpenSSF Package Analysis project identified 'ori-poc' @ 1.0.3 npm as malicious. It is considered malicious because: - The package executes o...
Malicious code in ori-gabriel-rce-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6f71bb03bb69baf10b63677477b19ab39b9793ad35b10850961a6ee291b10c1f The OpenSSF Package Analysis project identified 'ori-gabriel-rce-test' @ 1.0.1 npm as malicious. It is considered malicious because: - The packa...
MAL-2024-9745 Malicious code in ori-gabriel-rce-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6f71bb03bb69baf10b63677477b19ab39b9793ad35b10850961a6ee291b10c1f The OpenSSF Package Analysis project identified 'ori-gabriel-rce-test' @ 1.0.1 npm as malicious. It is considered malicious because: - The packa...
MAL-2024-9747 Malicious code in ori-gabriel-test2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97118bb098b3b51630483b77d70977a582c54e3768ff5c54a65435870b3840de The OpenSSF Package Analysis project identified 'ori-gabriel-test2' @ 7.7.9 npm as malicious. It is considered malicious because: - The package...
Malicious code in ori-gabriel-test2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97118bb098b3b51630483b77d70977a582c54e3768ff5c54a65435870b3840de The OpenSSF Package Analysis project identified 'ori-gabriel-test2' @ 7.7.9 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9746 Malicious code in ori-gabriel-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80e4a738169f3040e2786d44f744d9646f6ae11d6b59e30d03c4edba106a7c2d The OpenSSF Package Analysis project identified 'ori-gabriel-test' @ 7.7.8 npm as malicious. It is considered malicious because: - The package...
Malicious code in ori-gabriel-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80e4a738169f3040e2786d44f744d9646f6ae11d6b59e30d03c4edba106a7c2d The OpenSSF Package Analysis project identified 'ori-gabriel-test' @ 7.7.8 npm as malicious. It is considered malicious because: - The package...